Thanks Martin, and I always forget I can man a conf file.
On Tuesday, November 8, 2016 12:09 PM, Martin Babinsky
wrote:
On 11/08/2016 05:13 PM, Ask Stack wrote:
> I thought /etc/krb5.conf controls which kerberos server the clients talk
> to.
>
> As a test, I removed /etc/k
I thought /etc/krb5.conf controls which kerberos server the clients talk to.
As a test, I removed /etc/krb5.conf and rebooted the client. After reboot, I
can still log in and "kinit user" .
Removing /etc/krb5.keytab, however would stop user from logging in and sssd to
start.
--
Manage your
Thank you, Martin.
On Thursday, November 3, 2016 4:12 AM, Martin Basti
wrote:
On 02.11.2016 20:07, Ask Stack wrote:
I need to migrate ipa server from host rhel6.local to host rhel7.local and
retire host rhel6.local .
For the existing clients, do I need to change
I need to migrate ipa server from host rhel6.local to host rhel7.local and
retire host rhel6.local .
For the existing clients, do I need to change /etc/ipa/default.conf ? Do I even
need this file if sssd is working on the clients?Thanks.
The current default.conf has two lines pointing to rhel6
Thank you.
On Tuesday, May 24, 2016 9:56 AM, Rob Crittenden
wrote:
Ask Stack wrote:
> Sorry for asking the dumb question again. Where are the 389-ds logs? I
> can't find them in /var/log/ .
/var/log/dirsrv/slapd-REALM
What you'll want to look for is the BIND from th
Sorry for asking the dumb question again. Where are the 389-ds logs? I can't
find them in /var/log/ .
On Monday, May 23, 2016 5:10 PM, Rob Crittenden wrote:
Ask Stack wrote:
> Rob
> Thanks for the reply.
> I didn't find anything obvious in /var/log/dirsrv/slapd-/
RobThanks for the reply.
I didn't find anything obvious in /var/log/dirsrv/slapd-/access and errors and
/var/log/krb5kdc.log Do you know which service is responsible for providing
"/etc/krb5.keytab" to the client?
On Monday, May 23, 2016 2:57 PM, Rob Crittenden wrote
My company's ipa-client-install fail very often. Debug logs show the process
always failed at getting the /etc/krb5.keytab .
Is there a way to modify the script to increase number of attempts to create
/etc/krb5.keytab ?
I noticed "--kinit-attempts=KINIT_ATTEMPTS, number of attempts to obtain hos
rt I provide and ipa-client-install downloaded are identical.
On Friday, April 22, 2016 3:09 AM, Martin Babinsky
wrote:
On 04/21/2016 11:14 PM, Ask Stack wrote:
> Half the time ipa-client-install will fail at getting the TGT. Google
> showed posts like, Bug 845691 – ipa-clien
Half the time ipa-client-install will fail at getting the TGT. Google showed
posts like, Bug 845691 – ipa-client-install Failed to obtain host TGT. I
reduced _kerberos-master._tcp' '_kerberos-master._udp' '_kerberos._tcp'
'_kerberos._udp' to one server entry only. But it didn't help to reduce t
10 matches
Mail list logo